[buug] gateway

Patrick Soltani psoltani at ultradns.com
Thu Oct 23 13:20:28 PDT 2003 

Hi,

Please post the "netstat -rn" if you think you have 2 default gateway on a single host on a single network with single subnet mask.
Very likely you have a static route, again "netstat -rn" will tell you exactly how the machine is working ;-).

TCP/IP 101 and the way gateway sees it:
the packet's destination address is "logically Ended" with the subnetmak to determine if the packet belongs to the local net so it won't touch it, or it doesn't belong to the local net and forwards it to its next hop/router that it thinks will have a route.

Making the machine "forwarder" means that it now will pass the packet received on one interface to the other interface which in effect makes it a simplified form of router. 

Again to clarify what "works" for you and what is not possible by TCP/IP specs, just post the netstat -rn output and a "traceroute" to a machine outside of your network.  We can tell you exactly how the machine is routing or not and what would be the problems with the setup if any ;-).

Regards,
Patrick Soltani.

>-----Original Message-----
>From: johnd [mailto:john at jjdev.com]
>Sent: Wednesday, October 22, 2003 4:20 PM
>To: buug at weak.org
>Subject: Re: [buug] gateway
>
>
>the purpose is:
>
>there is a box in the far back end behind two firewalls...
>
>it has a default gate way for access to places it needs to go 
>to right now.
>
>I have a box in the DMZ that will act as a gate way for the 
>back end box to go
>to a few outside places...
>
>I just have the middle DMZ box with ip_forwarding on and to the back
>end box I added a second default gate way so it can go to the 
>outside web
>through the middle box.
>
>Seems like it makes sense works good...just wanted some input 
>to see how
>people 'normally' do this kind of thing.
>
>
>
>
>On Wed, Oct 22, 2003 at 03:59:32PM -0700, Tony Godshall wrote:
>> According to johnd,
>> > Is it ok to define two default gateways?
>> > 
>> > to me be name 'default gateway' implies one, but I have a box that
>> > has a route to a other lan and needs a route to the internet
>> > 
>> > so I just added another default gateway and everything works great
>> > 
>> > just want to make sure this is not a problem
>> 
>> If you have two interfaces out of your box, you might 
>> want to set up a sharing (higher bandwidth) or failover 
>> setup.
>> 
>> For linux, check Documentation/networking/bonding.txt and
>> the ifenslave config tool.  According to packages.debian.org, 
>> ifenslave is a tool to ...
>> 
>> : Attach and detach slave interfaces to a bonding device.
>> : 
>> : This is a tool to attach and detach slave network interfaces
>> : to a bonding device. A bonding device will act like a normal
>> : Ethernet network device to the kernel, but will send out the
>> : packets via the slave devices using a simple round-robin
>> : scheduler. This allows for simple load-balancing, identical
>> : to "channel bonding" or "trunking" techniques used in
>> : switches. 
>
>-- 
>Those who do not understand Unix are condemned to reinvent it, poorly.
>--Henry Spencer (Usenet signature, November 1987)
>
>_______________________________________________
>Buug mailing list
>Buug at weak.org
>http://www.weak.org/mailman/listinfo/buug
>

More information about the buug mailing list